Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/bylZGr_7g4Il3uQ1wmPxzGVkIMc.roa
File:                     bylZGr_7g4Il3uQ1wmPxzGVkIMc.roa (raw, json)
Hash identifier:          WVIcdGrRPzLRfUVDjE6k0JFmWznLQU9b39ZACIHEADU=
Subject key identifier:   6F:29:59:1A:BF:FB:83:82:25:DE:E4:35:C2:63:F1:CC:65:64:20:C7
Certificate issuer:       /CN=ff44dbaca56dac319401f68a50d917f5424611ad
Certificate serial:       01856D4AE02D7FCC66132AA21BEE8210D54E
Authority key identifier: FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/bylZGr_7g4Il3uQ1wmPxzGVkIMc.roa
Signing time:             Sun 01 Jan 2023 12:25:01 +0000
ROA not before:           Sun 01 Jan 2023 12:25:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2914
IP address blocks:        94.143.225.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 27 May 2023 20:34:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:4a:e0:2d:7f:cc:66:13:2a:a2:1b:ee:82:10:d5:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff44dbaca56dac319401f68a50d917f5424611ad
        Validity
            Not Before: Jan  1 12:25:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6f29591abffb838225dee435c263f1cc656420c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:b4:8c:e0:3e:74:cc:8f:48:31:a7:17:28:83:
                    ad:62:00:36:91:2e:82:db:13:56:5f:ee:e1:87:b6:
                    68:99:27:16:3f:35:c3:52:bc:ee:28:7c:21:fd:62:
                    7f:fb:75:f5:38:a6:c1:e9:b5:a7:15:de:35:e8:4c:
                    86:c4:f3:6f:7c:91:4d:ff:bd:8e:48:b2:26:59:c2:
                    0e:bc:77:c3:2c:27:0f:49:81:d5:01:ad:3d:21:e1:
                    e0:b9:22:b7:52:6d:99:d8:d8:f1:15:26:d8:1a:37:
                    8a:8a:a3:d1:14:52:72:ad:e1:c3:a3:56:d3:f6:7f:
                    51:72:7c:35:86:49:43:ab:55:67:ee:9e:2c:f6:db:
                    b8:a9:92:c2:bd:2d:22:e3:c8:7c:4d:c1:11:5c:2a:
                    19:5f:30:c5:7f:ea:69:2b:e8:22:de:07:b6:7d:41:
                    9b:92:82:5d:7a:cc:fb:e7:9a:af:f1:31:9a:a6:eb:
                    02:4d:e5:6a:41:09:85:fd:be:a2:67:a6:92:1a:d2:
                    1c:a7:62:1b:55:56:33:f2:85:a5:91:32:27:25:b0:
                    5c:a9:60:36:a1:47:4c:4d:ea:77:5a:05:28:fc:e3:
                    59:b7:2c:2c:e1:55:10:49:85:30:f6:0e:ef:dc:8c:
                    44:60:17:96:79:3e:e4:c7:ad:5d:cc:b9:dc:96:2a:
                    c3:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:29:59:1A:BF:FB:83:82:25:DE:E4:35:C2:63:F1:CC:65:64:20:C7
            X509v3 Authority Key Identifier:
                keyid:FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/bylZGr_7g4Il3uQ1wmPxzGVkIMc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/_0TbrKVtrDGUAfaKUNkX9UJGEa0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.143.225.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:de:a9:cf:1d:08:dd:37:3e:8d:5e:88:84:b4:3e:61:62:fa:
         04:dd:3d:4d:05:a9:c1:d7:d2:28:d4:34:87:8b:12:f1:e2:2d:
         20:48:13:cf:49:13:91:a1:70:4a:76:0e:d3:25:f3:2d:06:69:
         e9:eb:ef:6a:06:d7:08:57:ba:37:a9:a1:ae:14:bf:75:b8:07:
         35:fe:19:65:a3:bc:f1:86:c3:3a:b1:e3:9b:85:2a:a1:e3:1a:
         79:9d:24:11:bd:c0:8d:8c:39:e0:13:29:f7:84:61:5a:1d:a5:
         29:14:96:6c:df:b2:ad:7d:5c:40:af:78:5d:8d:40:62:56:3b:
         5b:c7:02:9c:3f:ef:ee:0b:ca:db:33:fa:66:fa:e0:cc:6e:54:
         f3:b3:b7:2f:8b:d8:a7:55:79:1d:fd:c7:92:34:0f:7d:54:57:
         c7:9e:58:a3:53:80:ea:74:61:6d:40:b5:67:55:cf:b5:88:c2:
         ae:0e:41:7b:61:f5:11:22:c3:55:b0:9f:3c:7b:0b:b3:fe:ef:
         bd:03:f2:af:20:0d:c3:82:b0:50:c0:21:30:5a:2d:d3:d5:8a:
         84:85:16:98:8e:59:57:00:a0:88:c6:90:b9:a6:74:aa:dd:f5:
         e1:c2:cd:f7:2a:11:d4:fc:bf:66:f9:88:5a:04:4d:b4:c8:d5:
         79:ff:28:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtSuAtf8xmEyqiG+6CENVOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNDRkYmFjYTU2ZGFjMzE5NDAxZjY4YTUwZDkxN2Y1NDI0
NjExYWQwHhcNMjMwMTAxMTIyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjI5NTkxYWJmZmI4MzgyMjVkZWU0MzVjMjYzZjFjYzY1NjQyMGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7SM4D50zI9IMacXKIOtYgA2kS6C
2xNWX+7hh7ZomScWPzXDUrzuKHwh/WJ/+3X1OKbB6bWnFd416EyGxPNvfJFN/72O
SLImWcIOvHfDLCcPSYHVAa09IeHguSK3Um2Z2NjxFSbYGjeKiqPRFFJyreHDo1bT
9n9Rcnw1hklDq1Vn7p4s9tu4qZLCvS0i48h8TcERXCoZXzDFf+ppK+gi3ge2fUGb
koJdesz755qv8TGapusCTeVqQQmF/b6iZ6aSGtIcp2IbVVYz8oWlkTInJbBcqWA2
oUdMTep3WgUo/ONZtyws4VUQSYUw9g7v3IxEYBeWeT7kx61dzLnclirDKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG8pWRq/+4OCJd7kNcJj8cxlZCDHMB8GA1UdIwQY
MBaAFP9E26ylbawxlAH2ilDZF/VCRhGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4Mjct
YzVkODk1MDgxOGVjLzEvYnlsWkdyXzdnNElsM3VRMXdtUHh6R1ZrSU1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4MjctYzVkODk1MDgxOGVj
LzEvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXo/hMA0G
CSqGSIb3DQEBCwUAA4IBAQAf3qnPHQjdNz6NXoiEtD5hYvoE3T1NBanB19Io1DSH
ixLx4i0gSBPPSRORoXBKdg7TJfMtBmnp6+9qBtcIV7o3qaGuFL91uAc1/hllo7zx
hsM6seObhSqh4xp5nSQRvcCNjDngEyn3hGFaHaUpFJZs37KtfVxAr3hdjUBiVjtb
xwKcP+/uC8rbM/pm+uDMblTzs7cvi9inVXkd/ceSNA99VFfHnlijU4DqdGFtQLVn
Vc+1iMKuDkF7YfURIsNVsJ88ewuz/u+9A/KvIA3DgrBQwCEwWi3T1YqEhRaYjllX
AKCIxpC5pnSq3fXhws33KhHU/L9m+YhaBE20yNV5/yj8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:01 2024 by rpki-client on console-fra.rpki-client.org